mirrors
/
rails
mirror of https://github.com/rails/rails
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix: correct config.host_authorization reference 

The Middleware `ActionDispatch::HostAuthorization` configuration documentation references `config.host_configuration`.  Correct this to `config.host_authorization` to match the source code documentation in `action_dispatch/middleware/host_authorization.rb`.
This commit is contained in:
Shane Boyer 2022-04-11 00:31:27 -04:00 committed by GitHub
parent 8f39fbe18a
commit ef291097fc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
guides/source/configuring.md
View File

@ -507,21 +507,21 @@ Rails.application.config.hosts << ".product.com"
```
You can exclude certain requests from Host Authorization checks by setting
`config.host_configuration.exclude`:
`config.host_authorization.exclude`:
```ruby
# Exclude requests for the /healthcheck/ path from host checking
Rails.application.config.host_configuration = {
Rails.application.config.host_authorization = {
exclude: ->(request) { request.path =~ /healthcheck/ }
}
```
When a request comes to an unauthorized host, a default Rack application
will run and respond with `403 Forbidden`. This can be customized by setting
`config.host_configuration.response_app`. For example:
`config.host_authorization.response_app`. For example:
```ruby
Rails.application.config.host_configuration = {
Rails.application.config.host_authorization = {
response_app: -> env do
[400, { "Content-Type" => "text/plain" }, ["Bad Request"]]
end